Millions of fax machines could be vulnerable to malicious hackers using booby-trapped image data to gain access to internal networks, security researchers have found.

Yaniv Balmas and Eyal Itkin, security researchers at CheckPoint, a US software company, found that the owners of more than 300 million active fax numbers could be leaving themselves open to so-called ‘faxploitation’ attacks.

These would target all-in-one machines that are also used as printers and photocopiers and are therefore connected to internal networks via Wifi, Bluetooth and Ethernet connections.

Presenting at the Def Con hacker conference in Las Vegas, Balmas warned that they had found a way to use image data to exploit security holes in outdated fax machine protocols that date back to the 1980s and infiltrate the wider corporate network.

The vulnerabilities Balmas and Itkin had uncovered in the devices therefore represented a “major network security risk”, according to the research published on the CheckPoint website.

The report states that fax - long considered an old fashioned technology - is still used extensively by government agencies, courts, banks and other organisations to scan, transfer and print documents. A recent survey suggested that 9,000 fax machines are still in operation in the NHS in England.

The researchers set out how they had been able to test the vulnerability by ‘booby trapping’ image data sent through fax with a malicious payload of the same software behind last year’s massive WannaCry ransonware attack.

They found issues with the way fax protocols were used in some widely-used multi-purpose printers made by HP.

HP worked with CheckPoint to issue a security patch to close the loopholes identified in the research.

There is no evidence so far to suggest that hackers have used the booby-trapped image method to infiltrate secure internal networks.

Share Story: